Yufluentcn Compliance Guard

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed, cloud-backed compliance helper. Because it sends an API key and product details over the network, use it only with a trusted Yufluent endpoint.

Install only if you are comfortable sending product, market, tariff, labeling, or platform-rule details to Yufluent. Store TOKENAPI_KEY locally rather than in chat, and use TOKENAPI_BASE_URL only for a trusted Yufluent or intentionally trusted local endpoint.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Taint Tracking: Direct Taint Flow, Variable-Mediated Taint Flow, Credential Exfiltration Chain
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Tainted flow: 'url' from os.getenv (line 107, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
    url = skill_run_url(base_url or os.getenv("TOKENAPI_BASE_URL", ""), skill_id)
    try:
        resp = requests.post(
            url,
            json=payload,
            headers={
Confidence: 92%
Finding: resp = requests.post( url, json=payload, headers={ "Authorization": f"Bearer {key}", "Accept": "application/json",

Tainted flow: 'url' from os.getenv (line 107, credential/environment) → requests.post (network output)

Severity: Critical
Category: Data Flow
Content:
    url = agent_outcomes_url(base_url or os.getenv("TOKENAPI_BASE_URL", ""))
    try:
        resp = requests.post(
            url,
            json=payload,
            headers={
Confidence: 92%
Finding: resp = requests.post( url, json=payload, headers={ "Authorization": f"Bearer {key}", "Accept": "application/json",

Vague Triggers

Severity: Medium
Confidence: 83%
Finding: The trigger phrases include broad terms like "HS 编码", "CE 认证", and "platform rules" that can match common conversations beyond the intended narrow compliance workflow. Over-broad activation can cause the agent to invoke this cloud-backed skill unexpectedly, sending user business/product details to an external service without sufficiently specific user intent.

VirusTotal

64/64 vendors flagged this skill as clean.
